The present invention relates generally to the provision of information services in radiocommunication systems and, more particularly, to techniques for controlling access to broadcast information services provided in conjunction with existing radiocommunication services and systems.
The growth of commercial radiocommunications has been dramatic over the last fifteen years. Pagers and cellular phones, in particular, stand out as relatively common equipment in many urban settings. These two different types of communication devices, and supporting systems, have evolved from different fundamental purposes, i.e., pagers for traditionally providing one-way, limited information to one or more end users and cellular phones for traditionally providing two-way voice communication service.
As time and technology progress, the traditional functional dividing lines between these two different types of radiocommunication devices have blurred. Pagers have acquired some of the functionality that was traditionally provided by cellular phones and vice-versa. For example, two-way pagers have been developed which permit the pager to transmit messages to the paging system, which messages can then be forwarded to other parties. Similarly, cellular phones have acquired the capability to transmit and receive short (e.g., on the order of 160 alphanumeric character) text messages which can be output on the display of a cellular phone. This evolution in radiocommunication devices has led to the development and marketing of a host of new information services.
As broadcast information services are developed for application to conventional cellular systems, Applicant anticipates that it will be desirable to implement techniques that permit network operators and/or service providers to control access to these new services. Historically, access control/security for wireless services varies between four general types of wireless services: (1) point-to-point services, e.g., voice connections between two remote terminals, (2) group calls, e.g., voice connections between more than two remote terminals (3) non-end user point-to-multipoint services, e.g., system control broadcast information and (4) end-user point-to-multipoint services, e.g., stock quote services, sport score services, etc.
Point-to-point services consist, as of today, mostly of speech calls made to the fixed telephone network or to other mobile users. In order to reduce fraud and limit eavesdropping, authentication and encryption are now supported in all digital cellular systems, including the satellite systems designed for personal communication which will soon be in operation. Each mobile phone (or SIM card in mobile phones operating in accordance with the GSM standard) has a secret key. This key is the root for both authentication and encryption and each user""s secret key is unique. This key, referred to as the A-key in security specifications promulgated by the Telecommunications Industry Association (TIA), can be entered by the user through a keyboard or be sent or generated in the process of the Over-the-Air Activation Teleservice (OATS) process as described in the TIA specifications. In GSM, the key resides in the xe2x80x9csmart cardxe2x80x9d (SIM card) and can not be changed. The authentication allows the system to verify the user (or more specifically the phone or SIM card). Encryption of transmissions further limits illegitimate use of the system, e.g. sending false information to the mobile station. Bilateral authentication, where the base station must also verify its legitimacy, reduces the risk of having an illegitimate base station sending dummy data to the mobile.
Similar to point-to-point communication services are group calls. If the group call is set up by having each member assigned to an individual traffic channel, as for a more xe2x80x9cnormalxe2x80x9d call between two individuals, the individual A-key based authentication and encryption can be used and there is no difference between group calls and standard voice calls that would require further protective procedures. If there is a common channel assigned for the group, which is feasible in particular in the downlink, all users must be able to listen to this channel. Hence, the encryption of the downlink can in this case not be based on a particular user""s A-key. A common encryption key for the group (G-key) must instead be used for the encryption. Each user can still be authenticated on an individual basis, e.g. using the standard A-key. However, the encryption key must not be a root key to anyone""s A-key. The G-key may be entered into the mobile station by the key-pad or sent to the mobile station under protection of the normal A-key based encryption.
For non end user, point-to-multipoint services, e.g., the information provided on a broadcast control channel (BCCH) in a cellular system, there are no protection mechanisms in place in current wireless systems. This is the case because system designers want to make it fast and easy for mobile stations to find and read the control information found on this type of resource. For this service type there is little or no incentive to bar non-subscribing users from reading the control information being broadcast on the BCCH, however techniques for validating the integrity of the data may be provided. Thus, encryption to bar access of point-to-multipoint control channels is not needed or provided.
End user, point-to-multipoint services, e.g., the stock quote and headline services described in the two above-incorporated utility patent applications, differ from non end user, point-to-multipoint services in that the service operator, which may not necessarily be the same as the cellular operator, do not want non-subscribing individuals to be able to read the information broadcast to subscribers over the air interface. For example, if stock quotes are provided in a broadcast channel, users who do not pay a monthly subscription fee should not be able to obtain access to the information. As with the broadcast control information, data integrity protection may also be desirable for data services broadcast to subscribing end users.
Thus, it can be seen that it would be desirable to provide methods and systems for controlling access to broadcast information services which provides suitable information integrity and a level of access control, wherein such concerns are balanced against ease of operation (e.g., ease of subscriber activation/deactivation).
Exemplary embodiments of the present invention provide techniques which support access control to broadcast information services provided via radiocommunication systems. Service access control techniques according to the present invention attempt to achieve a number of objectives. Specifically, only eligible users should be able to receive services, it shall be simple and fast to enable a service for a particular user, it shall be simple and fast to disable a service for a particular user, it should be difficult to insert false messages into the broadcast channel or sub-channel, it should be possible for the operator to verify a user""s claim that he or she is not able to access a service and therefore is challenging the bill. The end user""s equipment, e.g., mobile station, may be a receive-only device, similar to a simple pager, or may be a receive/transmit device, such as a mobile phone.
According to a purely illustrative, exemplary embodiment of the present invention, the broadcast information service can be a security quote service which is provided in an IS-136 compliant system having broadcast short-message-service (SMS) capability. The portion of the broadcast control channel which has been reserved in IS-136 for SMS can be further separated into a plurality of logical sub-channels for carrying various portions of the data used to implement the security quote service. More specifically, these exemplary sub-channels can include a Security Name channel, a Start Value channel and a Delta channel.
Access to these channels can be provided using different techniques. According to a first exemplary embodiment, a status variable can be maintained in the remote device which informs the remote device whether the user is authorized to have information associated with a particular broadcast service. The remote device checks this status variable and selectively outputs information in accordance therewith. A service provider can periodically send enable/disable signals to update this status variable.
According to another exemplary embodiment of the invention, information transmitted on broadcast channels can be encrypted. Then, subscribers will periodically receive keys usable to decrypt the broadcast information.